libcap2 would allow unintended capabilities.
Software Description:
- libcap2: POSIX 1003.1e capabilities (library)
Details:
Tianjia Zhang discovered the libcap2 PAM module pam_cap incorrectly
handled parsing group names in the configuration file. This could result in
certain users being granted capabilities, contrary to expectations.
The problem can be corrected by updating your system to the following package versions: Ubuntu 24.10 libpam-cap 1:2.66-5ubuntu3.1 Ubuntu 24.04 LTS libpam-cap 1:2.66-5ubuntu2.2 Ubuntu 22.04 LTS libpam-cap 1:2.44-1ubuntu0.22.04.2 Ubuntu 20.04 LTS libpam-cap 1:2.32-1ubuntu0.2 After a standard system update you need to reboot your computer to make all the necessary changes.
https://ubuntu.com/security/notices/USN-7287-1
CVE-2025-1390
Get the latest Linux and open source security news straight to your inbox.